<? if ($c = stack('name')) {

	$s = component_settings($c);

//debug('init');

	if (($tid = gccHuuid(param('id'))) && 
		($ticket = datafetch('db_item', 'cs_ticket', "id=$tid AND kind=".TK_CHANGE_MAIL))) {
		
		$person = json_decode($ticket['data'], true);
//debug($person);		
		if (	($person['email'] = h($person['email'])) && 
				($person['old'] = h($person['old'])) && 
			!($d = datafetch('db_item', 'cs_person', "email='$person[old]'"))) {
//debug("can't change e-mail that is not in the base");
			header("Location: "._transformURL($CURRENT->url, array('remove_params' => 'all', 'add_level' => 'wrong')));
			exit;
		}

		$newmail = $person['email'];
		$pass = $person['pass'];
		
		datafetch('db_update', 'cs_person', "pass='$pass', email='$newmail'", "id=$d[id]");
		datafetch('db_delete', 'cs_ticket', "id=$tid AND kind=".TK_CHANGE_MAIL);
		
		gccChangeEmail(array('person_id' => $d['person_id'], 'email' => $newmail));


// login as newly confirmed login

		if ($user = datafetch('db_item', tb('auth'), "id=$d[auth_id]")) {

			$user['time'] = date("H:i");
			
			$user['vuser'] = array_merge($d, gccLoadPerson($d['person_id']), array('email' => $newmail, 'pass' => $pass));	// load person data
			
			$user['settings'] = json_decode($user['settings'], true);
			if (!is_array($user['settings'])) $user['settings'] = array();
			
			create_session($user);
		}
		
					
		header("Location: "._transformURL($CURRENT->url, array('remove_params' => 'all', 'add_level' => 'login_changed')));

	} else {

//debug('wrong code');
		header("Location: "._transformURL($CURRENT->url, array('remove_params' => 'all', 'add_level' => 'wrong')));
		exit;
	}

unstack();
}